Despite all my best wishes and efforts, I’ve really been under a tremendous production load of projects at work lately.
Hours stretched, long drives into field office locations for “in-the-trenches” work. Stuff like that.
I have still been checking my RSS feeds and building the linkage piles, but goodness, no time for weekend link posting of late.
One small benefit of the delays is that I will often go back now and re-consider that pile of 20+ links and after a week, find that some just weren’t worth posting comments on after all…so they will be struck.
This slow-simmering seems to result in a much tastier collection of tools and utilities.
So here you go. About a month’s worth of slow-home-cooking served up for your dining pleasure.
Networking Link Portals
One of the things we have been doing lately is site-wide network traffic monitoring and analysis. Our great network team has developed a pretty easy and deployable process to initiate a remote traffic capture and then internal analysis of the traffic/files. Nothing super sophisticated but we can now pretty clearly generate a response report in record time. That’s a small miracle in itself.
Here are three “portal” locations for great linkage and reference materials on Network traffic and analysis.
- Cheat Sheets - Packet Life. Great collection of free PDF-formatted reference sheets on many things network traffic related. This Wireshark Display Filters (PDF) page alone has been very useful.
- Network Monitoring Tools – Amazing collection of links maintained by Les Cottrell at Stanford. Be careful. You could easily lose hours looking through the resources documented and organized here!
- WinPcap Network Tools and Links – Lots of great tools, reference materials, and what-not all lined up and linked regarding WinPcap-supported tools.
Remote System Auditing Tools
In the aftermath of yet another incident project, I began looking for an efficient way to remotely audit the physical status and configuration of remote systems in our network. We haven’t really had a need in the past to do so, and in the past year have only now been running post-deployment audit reports on systems that we initially set up to capture/document key hardware items. However, it has become clear I needed the ability to do ad-hoc surveys and reporting on the status of Windows systems long-since deployed in the field. Our network management infrastructure software can (in theory) do this, but it is non-intuitive and burdensome to do so. In addition, it requires the workstation objects to have been correctly imported to the container in the first place to access. Not done so? No data. So obviously I could have some big holes in my site/system audit reports.
So I started looking for a simpler reporting solution.
I found a number of great (and free) tools to do so but they were either much more robust than I needed, or required a client/server model of deployment, or the reporting was just not customizable enough for rapid site-wide auditing and exportation for additional analysis in Excel/Access.
Some of those tools that “almost” fit the bill but eventually fouled out were:
- Total Network Monitor – freeware – Softinventive Labs. Pretty full featured and awesome.
- Remote System Information 3.0 - (shareware) – nice and had much of the system hardware auditing stuff I needed, but the reporting wasn’t robust enough, it was shareware, and I couldn’t find whether the developers were still in business.
- Network Manager (NINO) - (open source) – Located this one on SourceForge and looks like a really heavy-duty network monitoring tool. Ended up being too beefy for my targeted needs.
- OpenNMS – (Open Source) - Another very robust network management platform.
- Lan Sweeper – (Free/$$ versions) – I really, really liked this one. It covers so many of the mission-critical system auditing and monitoring points. However it is based on a client/server type of model. I wanted something that didn’t require me to deploy clients on all our systems in addition to the existing network client infrastructure in place.
- Zenoss – (Open Source) – Another very mature and polished network/systems monitoring platform. Again, too robust for my needs.
- Network Inventory - (shareware/$) – Very nice but ultimately not free/OpenSource and cost is king now.
- Network Inventory Advisor - (free-trial/$) – Also nice, especially in that it was not agent/client based but again, the free trial period is limited and there is no $ in the budget for this project.
- AdvancedRemoteInfo - (freeware) — Pet project of Matthias Zirngibl at masterbootrecord.de. This was an unexpectedly special find from Germany. Still in development, this beta level utility really has a lot of great bells and whistles. It provided extensive information about remote system hardware/software and data-points. It also allowed for some useful remote interactions with the target system and reporting was much better. However, again, I needed something that let me manage reports on a site-wide number of systems, not one-system-at-a-time reporting. Still, this is a great tool and I’m going to be keeping an eye on it in the future!
At this point, after almost an entire week of looking for just the right tool, I was almost ready to give up. I checked in with Michael Pietroforte over at 4sysops. He referred me to his lineups of Free Windows Networking Tools and Free Windows Inventory Tools (in fact see his full selection of categorized Free Windows Admin Tools – 4sysops). However, none of those offerings were fitting the bill either.
Then while in the middle of our dialog, I found that an old-favorite had been updated with just the feature-sets I was looking for:
- SoftPerfect Network Scanner -- (freeware) – Free network scanner and remote-system management tool.
This ended up being perfect as it is a single, portable exe file based utility. Though not “tiny” at 720K, it still packs an amazing feature set in.
I am now able to remotely run an IP scan against an entire network site range, and then can set WMI-based custom reports to pull data from the systems. Because my audit is IP based, I’m much more likely to identify the devices on the network rather than those “objects” that were imported and calling home from a client/agent configuration only.
And the WMI-based reporting options are off the hook.
Look for a more detailed post soon on this project, but for now, I highly recommend checking it out.
The only potential “gotcha” is that WMI services and firewall port rules/policy must be configured, up, and running on the remote systems to get all the WMI-accessible data for your reports. If you have that in place, then you can easily run and export tons of highly detailed system audit report data.
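As an added example (not from the original post and not how SoftPerfect Network Scanner works internally), here is the same IP-based audit idea in PowerShell: every address gets a row, so systems that answer a ping but refuse WMI show up in the report instead of silently dropping out. It assumes PowerShell 3.0 or later on the auditing workstation and an account with admin rights on the targets; the function name, address range, and CSV path are hypothetical.

```powershell
# Added example: IP-based WMI hardware audit with visible failure rows.
# The address range and output path below are constructed placeholders.
function Get-SiteWmiAudit {
    param([Parameter(Mandatory)][string[]]$Address, [int]$TimeoutSec = 10)
    # DCOM is the classic remote-WMI transport that the firewall rules must allow.
    $dcom = New-CimSessionOption -Protocol Dcom
    foreach ($ip in $Address) {
        $row = [ordered]@{
            Address = $ip; Status = 'No ping reply'; Name = $null; Manufacturer = $null
            Model = $null; Serial = $null; OS = $null; MemoryGB = $null; Detail = $null
        }
        if (Test-Connection -ComputerName $ip -Count 1 -Quiet) {
            $session = $null
            try {
                $session = New-CimSession -ComputerName $ip -SessionOption $dcom `
                    -OperationTimeoutSec $TimeoutSec -ErrorAction Stop
                $cs   = Get-CimInstance -CimSession $session -ClassName Win32_ComputerSystem -ErrorAction Stop
                $bios = Get-CimInstance -CimSession $session -ClassName Win32_BIOS -ErrorAction Stop
                $os   = Get-CimInstance -CimSession $session -ClassName Win32_OperatingSystem -ErrorAction Stop
                $row.Status       = 'OK'
                $row.Name         = $cs.Name
                $row.Manufacturer = $cs.Manufacturer
                $row.Model        = $cs.Model
                $row.Serial       = $bios.SerialNumber
                $row.OS           = $os.Caption
                $row.MemoryGB     = [math]::Round($cs.TotalPhysicalMemory / 1GB, 1)
            }
            catch {
                # Host is alive but WMI is blocked, stopped, or access was denied.
                $row.Status = 'WMI unreachable'
                $row.Detail = $_.Exception.Message
            }
            finally {
                if ($session) { Remove-CimSession -CimSession $session }
            }
        }
        [pscustomobject]$row
    }
}

# Constructed sample range (192.0.2.0/24 is reserved for documentation).
$targets = 10..20 | ForEach-Object { "192.0.2.$_" }
$report  = Get-SiteWmiAudit -Address $targets
$report | Export-Csv -Path .\site-audit.csv -NoTypeInformation
$report | Group-Object Status | Select-Object Name, Count
```

The "WMI unreachable" rows are the follow-up list for the firewall and service configuration covered in the resources below; a "No ping reply" row only means ICMP went unanswered, which a host firewall can also cause.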
Please look below for more useful WMI (Windows Management Instrumentation) resources that are must-reads if you are not yet familiar with it and need to do some homework for deploying and accessing the data it can potentially provide.
- Windows Management Instrumentation (Windows) – MSDN Library.
- Connecting to WMI on a Remote Computer (Windows) – MSDN Library.
- Connecting Through Windows Firewall (Windows) – MSDN Library.
- Connecting to WMI Remotely Starting with Windows Vista (Windows) – MSDN Library.
- Enable WMI for Remote Monitoring -- PowerAdmin.
- Help & support – Clear apps – Providing their own auditing product, this FAQ page touches on high points.
- Network Inventory: WMI Access Troubleshooting Guide – 10-Strike Software also deploys a WMI-based solution. This tips page has lots of good background information as well.
- WMI Troubleshooting Guide -- Network Monitoring Software
- Remote Administration (using WMI) on XP Pro – TweakXP guide.
New or Improved Fun Utilities
These remaining tools caught my fancy this week. They “remain” from the many more that seemed interesting from this week but on additional look didn’t make the draft-cut.
- KON-BOOT – This boot-kit tool to bypass Windows account protection has gotten a major update that supports both 32 and 64-bit Windows systems. Use it for good!
- Explorer++ version 1.1 now available -- (freeware) – little update to this nice 32/64-bit supported alternative file management program.
- Partition Wizard – (freeware) – Another GUI-based Windows partition management program. I’ve got so many now (including excellent Linux LiveCD distros) that I really don’t need another one…particularly with DiskPart and a WinPE disk, however, I seem to collect these things as a hobby. For additional reviews: Partition Wizard Home Edition: excellent, free partition management utility | freewaregenius.com and Partition Wizard Manages and Fixes Your Hard Drive for Free - Partition - Lifehacker
- Free tool to open a command prompt in any folder – Yeah. I know there are other ways to accomplish this, but if you want an easy to install/integrate/access tool, here you go.
- Download details: Microsoft Exchange Server Error Code Look-up Tool – I’m certain I’ve mentioned it before, but I couldn’t find my own link to it here, so here you go. Couple this with MyEventViewer and BlueScreenView and AppCrashView from NirSoft and you might have a good seed set for working on strange system crash analysis.
Remote Desktop Trick
Windows Remote Desktop is a cool trick to access and manage a system across your network. But what if you don’t have it enabled on the system? And either the end-user is totally clueless, rights restricted, or otherwise unable to initialize some other remote-control solution? This might be a trick to try.
- Windows Server Hacks: Remotely Enable Remote Desktop – O’Reilly Media.
- Remotely Enable Remote Desktop :: IntelliAdmin - (free tool) – this tool automates the above manual trick. Get the micro-file from this link: Enable Remote Desktop – Remotely (exe download-link from IntelliAdmin). I tend to avoid direct links but the download link from their blog-post page actually points to their full-featured application, and not the standalone tool.
Chrome Browser
I’m still nowhere near ready to jump ship from Firefox to Chrome full time, but I do find myself using the Chromium nightly versions in a portable version much more.
Here are the very small set of “add-ons” that I have found useful to load on it.
- AdBlock - Google Chrome extension gallery.
- Atomic Bookmarks - Google Chrome extension gallery.
- Browser Button for AdBlock - Google Chrome extension gallery.
- ChromeAccess - Google Chrome extension gallery.
- FlashBlock - Google Chrome extension gallery.
- youtube-html5-chrome - Project Hosting on Google Code.
I’m running a portable version of Chrome (Portable Google Chrome 2.0.172.23 or Portable Google Chrome 2.0.159.0) along with Dirhael’s (portable) Chromium Nightly Updater to keep the package frequently updated. However, that has required unpacking and copying over the update packages into my portable Chrome application folders. No biggie but additional work.
So I was delighted to find that Carsten “caschy” Knobloch has recently started including a multi-build supported updater in his Portable Chrome package: Portable Google Chrome 4.1.249.1059 (German site) has the latest full portable packages for download or you can simply unpack it and copy the single exe updater file to your existing portable Chrome package and use it from there. It automates the process to check, download, unpack, and install the latest Chrome release versions into your portable Chrome folders. Way too cool! See this post Neue Version des Portable Chrome Updaters (German) for additional info on the updater proper.
Firefox 3.7 Stuff
And the next iteration of Firefox is still marching closer to readiness. I like what I am seeing, but I was surprised when my playing with a portable version of this latest release actually BSOD’d my Windows 7 x64 system. First time ever that has happened. Lots of fun stuff here but be careful!
- Firefox 3.7a4/Gecko 1.9.3a4 Released -- The Firefox Extension Guru’s Blog.
- Firefox.next Alpha 4 is both: performance and looks -- Mozilla Links.
- Mozilla Developer Preview, Portable Edition 3.7 Alpha 4 and Alpha 5 Pre Released (Firefox Preview) -- PortableApps.com
- Mozilla Firefox, Portable Edition and Gecko Layout Engine Test Versions -- PortableApps.com
- Release Notes: Mozilla Developer Preview
More Cool Utility Toys and Tips – Part II
- NTFSLinksView - View NTFS symbolic links and junction points - (freeware) – NirSoft – New tool.
- UserAssistView - Decrypt and displays the list of all UserAssist items in the Registry - (freeware) – NirSoft – Update.
- TinyApps.Org Blog : Unpack / extract .MSI file contents – Great tip and tool reference for dealing with MSI files. Less MSIérables isn’t as tiny but also provides a GUI-based method (with Windows Explorer shell integration) to unpack MSI files on demand via the right-click context menu when needed.
- 4sysops has been busy with some great WinPE reference material. I’m still learning more tips and tricks in my own WinPE building pursuits and I collect these tips like crazy as I am always bound to find a new way of enhancing and refining my building work: Create bootable Windows PE 3.0 USB drive – 4sysops and Create a bootable Windows PE 3.0 USB drive with tools - 4sysops
- StandaloneStack 2 Makes Leopard Stack on Your Taskbar in Windows 7 - Windows 7 hacker. Neat tweak-tool for enhancing the Windows 7 superbar features. I’m still working on getting used to configuring and using the Jumplist-Launcher tool as well. I figure between these I should be able to come up with something awesome.
- RT Seven Lite - (Freeware) – Spotted but not yet found enough time to play with. This tool helps with Windows 7 integration, tweaking, and customization. Looks like a really robust tool for custom Windows 7 deployments.
I hope you found something yummy for your Windows system here today!
Cheers!
Claus V.